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DETAILED ACTION 

1 . Applicant's arguments filed November 7, 2005, have been fully considered but 
they are not persuasive. 

2. Claims 1-13 are pending and have been examined. 

Response to Amendment 

3. The objection to the drawings is withdrawn. 

4. The objection to the abstract is withdrawn. 

5. The objection to disclosure regarding the terms not defined is withdrawn. 

6. The rejection of claims 9 and 12 under 35 USC § 1 12 is withdrawn. 

7. Claims 1, 3, 5, 7-8, 10-11, and 13 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Kocher et al. (US Patent Number: 6,327,661 , hereinafter Kocher), 
and further in view of Tschudin (NPL Apoptosis - the Programmed Death of Distributed 
Services"). 

8. Claims 2, 4, 6, 9, 12 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Kocher and Tschudin, and further in view of Esserman et al. (US Patent Number: 
5,144,664, hereinafter Esserman). 

9. Applicant's arguments fail to comply with 37 CFR 1 . 1 1 1 (b) because they amount 
to a general allegation that the claims define a patentable invention without specifically 
pointing out how the language of the claims patentably distinguishes them from the 
references. 

10. Applicant's arguments do not comply with 37 CFR 1 .1 1 1(c) because they do not 
clearly point out the patentable novelty which he or she thinks the claims present in view 
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of the state of the art disclosed by the references cited or the objections made. Further, 
they do not show how the amendments avoid such references or objections. 

11. In response to applicant's arguments against the references individually, one 
cannot show nonobviousness by attacking references individually where the rejections 
are based on combinations of references. See In re Keller, 642 F.2d 413, 208 
USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 
1986). 

12. Applicant admits in the Remarks that the only allegedly missing feature from the 
prior art is checking by using a test plaintext/ciphertext. Assuming arguendo Applicant is 
correct, is still checking, checking information for validating input/output on an 
information processing device was conventional and well known. However, Tschudin 
clearly teaches checking using test values (page 258), namely "for each 
presented key we attempt to decrypt the ENCRYPTED_CODE. Looking at the 
result we can decide if this was a valid decryption or not." (emphasis added). 

13. An apoptosis key, as disclosed, is nothing more than a key that has been 
changed (dead, expired, not in use, etc). Thus, it would have been obvious to someone 
of ordinary skill in the art to check if an expired key is being used. 

14. Checking whether an expired key has been used to attempt access to a 
computer system is conventional and well known. Authentication methods for computer 
systems prompting users to change a password (key) after a certain amount of time had 
passed, were conventional and well known at the time the invention was made. It was 
also conventional and well known to prevent the re-use of a certain key by a certain 
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user. This necessarily implies that an old key was saved to verify the user did not 
attempt to use the same key at a later time. 

15. In response to Applicant's request for a reference that teaches publishing 
information, Examiner submits US Patent 4,634,807 to Chorley et al. (hereinafter 
Chorley). Chorley teaches publishing a plaintext message and its corresponding 
encrypted text (column 3, lines 1-67). 

Claim Rejections - 35 USC § 103 

16. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

17. Claims 1, 3, 5, 7-8, 10-11, and 13 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Kocher, and further in view of Tschudin. 

Regarding claim 1, Kocher teaches a cryptographic system comprising first 
cryptographic algorithm means for enabling cryptographic operations (column 2, lines 
60-67, column 13, lines 20-67), input/output means for receiving input streams and 
sending output streams (column 13, lines 20-67, column 14, lines 61-67), wherein said 
input streams are transformed to said output streams by said cryptographic operations 
(column 13, lines 20-67), at least one test plaintext Pj and for each test plaintext Pj a 
corresponding test ciphertext C\ (column 13, lines 20-67), receiving means for receiving 
a control stream (column 13, lines 20-67, column 14, lines 1-60), checking means for 
checking whether said at least one test ciphertext C\ is the enciphered image of the 
corresponding test plaintext Pj under the cryptographic operation of said first 
cryptographic algorithm means (column 13, lines 20-67), switching means for stopping 
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said cryptographic operations with said first cryptographic algorithm means (column 13, 
lines 20-67), wherein said stopping by said switching means is triggered by said 
checking means (column 13, lines 20-67). Kocher does not expressly disclose including 
at least one apoptosis key Kj. Kocher teaches self-destructing keys. However, Tschudin 
teaches the concept of "apoptosis" related to distributed services and computer security 
(sections 3-5). Therefore, it would have been obvious to one having ordinary skill in the 
art at the time the invention was made to use an "apoptosis key". One of ordinary skill in 
the art would have been motivated to perform such a modification to control the 
execution of services (Tschudin, sections 4-5). 

Regarding claim 3, the combination of Kocher and Tschudin teaches the 
limitations as set forth under claim 1 above. Furthermore, Kocher teaches said receiving 
means is made for accepting control streams which include at least one plaintext Pi, for 
each plaintext Pi a corresponding ciphertext Q (column 2, lines 60-67, column 3, lines 1- 
10) and said checking means is made for trying to find a test plaintext Pj and a test 
ciphertext C { equal to said received plaintext Pj, wherein said checking is done with said 
apoptosis key of said equal test plaintext Pj and said equal test ciphertext Q (column 13, 
lines 20-67, column 14, lines 61-67) and Tschudin teaches the concept of "apoptosis" 
related to distributed services and computer security (sections 3-5). 

Regarding claim 5, Kocher teaches a method for creating a cryptographic 
system for carrying out cryptographic operations characterized by the steps of 
implementing within said cryptographic system a first cryptographic algorithm enabling 
said cryptographic operations (column 2, lines 60-67, column 3, lines 1-10), selecting at 
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least one test plaintext Pi and enciphering each test plaintext Pj with said first 
cryptographic algorithm thereby generating a corresponding test ciphertext Ci for each 
test plaintext Pi (column 2, lines 60-67, column 13, lines 20-67), implementing within 
said cryptographic system said at least one test plaintext Pj and for each test plaintext Pj 
said corresponding test ciphertext Cj (column 13, lines 20-67, column 14, lines 61-67), 
implementing within said cryptographic system receiving means for receiving a control 
stream (column 13, lines 20-67, column 14, lines 61-67), implementing within said 
cryptographic system checking means for checking whether said at least one test 
ciphertext Cj is the enciphered image of the corresponding test plaintext Pj under said 
first cryptographic algorithm (column 13, lines 20-67), implementing within said 
cryptographic system switching means for stopping said cryptographic operations with 
said first cryptographic algorithm (column 13, lines 20-67), wherein said stopping by 
said switching means is triggered by said checking means (column 13, lines 20-67). 
Kocher does not expressly disclose the use of one apoptosis key Kj. Kocher teaches 
self-destructing keys. However, Tschudin teaches the concept of "apoptosis" related to 
distributed services and computer security (sections 3-5). Therefore, it would have been 
obvious to one having ordinary skill in the art at the time the invention was made to use 
an "apoptosis key". One of ordinary skill in the art would have been motivated to 
perform such a modification to control the execution of services (Tschudin, sections 4- 
5). 

Regarding claim 7, the combination of Kocher and Tschudin does not expressly 
disclose publishing said at least one test plaintext Pj and for each test plaintext Pj said 
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corresponding test ciphertext Q. However, Examiner takes Official Notice that 
publishing information was conventional and well known at the time the invention was 
made. Furthermore, Kocher stores plaintext and ciphertext prior to comparing them. 
Therefore, it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to publish this information since Examiner takes Official Notice 
that it was conventional and well known. 

Regarding claim 8, Kocher teaches a method for operating a cryptographic 
system for carrying out cryptographic operations (column 2, lines 60-67, column 3, lines 
1-10) characterized by the steps of providing a first cryptographic algorithm for enabling 
said cryptographic operations (column 2, lines 60-67, column 13, lines 20-67), receiving 
input streams and sending output streams wherein said input streams are transformed 
to said output streams by said cryptographic operations (column 13, lines 20-67, column 
14, lines 61-67), receiving a control stream, checking whether a test ciphertext Cj is the 
enciphered image of a corresponding test plaintext Pi under said first cryptographic 
algorithm when using said key Kj (column 13, lines 20-67), stopping said cryptographic 
operations with said first cryptographic algorithm, if said test ciphertext Cj is the 
enciphered image of said corresponding test plaintext Pj under said first cryptographic 
algorithm (column 13, lines 20-67). Kocher does not expressly disclose the use of one 
apoptosis key Ki. Kocher teaches self-destructing keys. However, Tschudin teaches the 
concept of "apoptosis" related to distributed services and computer security (sections 3- 
5). Therefore, it would have been obvious to one having ordinary skill in the art at the 
time the invention was made to use an "apoptosis key". One of ordinary skill in the art 
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would have been motivated to perform such a modification to control the execution of 
services (Tschudin, sections 4-5). 

Regarding claim 10, the combination of Kocher and Tschudin teaches the 
limitations as set forth under claim 8 above. Furthermore, Kocher teaches wherein said 
receiving of a control stream includes for each key Kj receiving of a plaintext Pj and a 
corresponding ciphertext Q (column 2, lines 60-67, column 3, lines 1-10), and said 
checking includes trying to find a test plaintext Pj and a test ciphertext Cj equal to said 
received plaintext Pj, and said received ciphertext Cj wherein said checking is done with 
said key of said equal test plaintext Pj and said equal test ciphertext Cj (column 13, lines 
20-67, column 14, lines 61-67) and Tschudin teaches the concept of "apoptosis" related 
to distributed services and computer security (sections 3-5). Therefore, it would have 
been obvious to one having ordinary skill in the art at the time the invention was made 
to use an "apoptosis key". One of ordinary skill in the art would have been motivated to 
perform such a modification to control the execution of services (Tschudin, sections 4- 
5). 

Regarding claim 11, Kocher teaches a computer software product for operating 
a cryptographic system for carrying out cryptographic operations (column 14, lines 5- 
60), said product is characterized by a computer-readable medium in which program 
instructions are stored (column 14, lines 5-60), which instructions, when read by a 
computer, enable the computer to perform a first cryptographic algorithm that is 
enabling said cryptographic operations (column 2, lines 60-67, column 3, lines 1-10), 
receive input streams and send output streams wherein said input streams are 
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transformed to said output streams by said cryptographic operations (column 13, lines 
20-67, column 14, lines 61-67), receive a control stream which is including at least one 
key Kj, check whether a test ciphertext Q is the enciphered image of a corresponding 
test plaintext Pj under said first cryptographic algorithm when using said key Kj, stop 
said cryptographic operations with said first cryptographic algorithm (column 13, lines 
20-67), if said test ciphertext Cj is the enciphered image of said corresponding test 
plaintext Pj under said first cryptographic algorithm when using said key Ki (column 13, 
lines 20-67). Kocher does not expressly disclose the use of one apoptosis key Kj. 
Kocher teaches self-destructing keys. However, Tschudin teaches the concept of 
"apoptosis" related to distributed services and computer security (sections 3-5). 
Therefore, it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to use an "apoptosis key". One of ordinary skill in the art would 
have been motivated to perform such a modification to control the execution of services 
(Tschudin, sections 4-5). 

Regarding claim 13, the combination of Kocher and Tschudin teaches the 
limitations as set forth under claim 8 above. Furthermore, Kocher teaches computer 
program comprising program code means for performing the steps of claim 8 when said 
program is run on a computer (column 14, lines 5-60). 
18. Claims 2, 4, 6, 9, 12 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Kocher and Tschudin, and further in view of Esserman. 

Regarding claim 2, the combination of Kocher and Tschudin does not expressly 
disclose at least one second cryptographic algorithm means, wherein said switching 
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means enables switching to said at least one second cryptographic algorithm means. 
However, Esserman teaches at least one second cryptographic algorithm means, 
wherein said switching means enables switching to said at least one second 
cryptographic algorithm means (column 4, lines 1-41). Therefore, it would have been 
obvious to one having ordinary skill in the art at the time the invention was made to 
switch between multiple encryption algorithms when an encryption algorithm is 
compromised. One of ordinary skill in the art would have been motivated to perform 
such a modification to maintain secure communications (Esserman, column 1, lines 39- 
67, column 2, lines 1-68). 

Regarding claim 4, the combination of Kocher and Tschudin does not expressly 
disclose a cascaded list of different cryptographic algorithm means. However, 
Esserman teaches a cascaded list of different cryptographic algorithm means (column 
4, lines 1-41). Therefore, it would have been obvious to one having ordinary skill in the 
art at the time the invention was made to use a cascaded list of different cryptographic 
algorithm means. One of ordinary skill in the art would have been motivated to perform 
such a modification to maintain secure communications (Esserman, column 1, lines 39- 
67, column 2, lines 1-68). 

Regarding claim 6, the combination of Kocher and Tschudin does not expressly 
disclose implementing within said cryptographic system at least one second 
cryptographic algorithm for said ciphering operations, and switching by said switching 
means to said at least one second cryptographic algorithm. However, Esserman 
teaches implementing within said cryptographic system at least one second 
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cryptographic algorithm for said ciphering operations, and switching by said switching 
means to said at least one second cryptographic algorithm (column 4, lines 1-41). 
Therefore, it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to use at least one second cryptographic algorithm for said 
ciphering operations, and switching to a second cryptographic algorithm. One of 
ordinary skill in the art would have been motivated to perform such a modification to 
maintain secure communications (Esserman, column 1, lines 39-67, column 2, lines 1- 
68). 

Regarding claim 9, the combination of Kocher and Tschudin does not expressly 
disclose switching to one of said second cryptographic algorithms for said cryptographic 
operations after said stopping. However, Esserman teaches switching to one of said 
second cryptographic algorithms for said cryptographic operations after said stopping 
(column 4, lines 1-41). Therefore, it would have been obvious to one having ordinary 
skill in the art at the time the invention was made to use a second cryptographic 
algorithm for said ciphering operations, and switching to a second cryptographic 
algorithm. One of ordinary skill in the art would have been motivated to perform such a 
modification to maintain secure communications (Esserman, column 1, lines 39-67, 
column 2, lines 1-68). 

Regarding claim 12, the combination of Kocher and Tschudin does not 
expressly disclose computer software product, wherein said instructions, when read by 
a computer, enable the computer to perform at least a second cryptographic algorithm 
and switch to said at least one second cryptographic algorithms for said cryptographic 
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operations after said stopping. However, Esserman teaches computer software product, 
wherein said instructions, when read by a computer, enable the computer to perform at 
least a second cryptographic algorithm and switch to said at least one second 
cryptographic algorithms for said cryptographic operations after said stopping (column 
4, lines 1-41). Therefore, it would have been obvious to one having ordinary skill in the 
art at the time the invention was made to use a second cryptographic algorithm for said 
cryptographic operations, and switching to a second cryptographic algorithm. One of 
ordinary skill in the art would have been motivated to perform such a modification to 
maintain secure communications (Esserman, column 1, lines 39-67, column 2, lines 1- 
68). 

Conclusion 

19. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. Pearson et al. (US Patent 5,838,256) teach detecting use of an 
expired key. Rehm (US Patent 5,740,243) teaches publishing plaintext/ciphertext pairs. 

20. THIS ACTION IS MADE FINAL Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

21 . Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to David G. Cervetti whose telephone number is (571) 272- 
5861. The examiner can normally be reached on Monday-Friday 7:00 am - 5:00 pm, off 
on Wednesday. 

22. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on (571) 272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

23. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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